CN111031537A - Wireless local area network management system for preventing illegal user access - Google Patents
Wireless local area network management system for preventing illegal user access
- Publication number
- CN111031537A
- Authority
- CN
- China
- Prior art keywords
- local area
- area network
- user terminal
- wireless
- wireless local
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention relates to the technical field of wireless local area network management, and discloses a wireless local area network management system for preventing illegal user access, which comprises: wireless control device C, wireless access device M and user terminal device $U_i$ running wireless local area network management system software. When the user terminal device $U_i$ detects the network signal of the wireless local area network provided by the wireless access device M and sends a request to the wireless access device M to access the wireless local area network, the wireless local area network management system of the wireless control device C uses a user authentication method based on zero-knowledge proof to authenticate the identity of the user terminal device $U_i$, and the user terminal device $U_i$ is allowed to access the wireless local area network through the wireless access device M only after its identity authentication has passed. The invention solves the technical problem that the existing wireless local area network management system cannot securely verify the identity of a client user accessing the wireless local area network.
Description
Technical Field
The invention relates to the technical field of wireless local area network management, in particular to a wireless local area network management system for preventing illegal user access.
Background
The wireless network uses electromagnetic waves as a transmission medium, and signals of the wireless network are transmitted in an open space, so that the signals of the wireless network can be received within a proper signal coverage range as long as a proper wireless client device is provided. Due to this transmission characteristic of wireless networks, wireless networks cannot secure communications by securing communication lines in a manner similar to wired networks.
The Windows operating system has a built-in function for automatically searching for wireless networks, so anyone with basic knowledge of wireless networks, whether an unauthorized user or a hacker, can access a discovered wireless network that is unprotected or has a low security level, through a general attack or with the help of an attack tool. Once connected, an illegal user occupies the network bandwidth of legitimate users; a malicious illegal user may even change the router's settings so that legitimate users cannot log in normally, and a purposeful intruder may also break into a legitimate user's computer to steal related information.
Disclosure of Invention
(I) Technical problem to be solved
Aiming at the defects of the prior art, the invention provides a wireless local area network management system for preventing illegal user access, which aims to solve the technical problem that the identity of a client user accessing a wireless local area network cannot be safely verified in the conventional wireless local area network management system.
(II) technical scheme
In order to achieve the purpose, the invention provides the following technical scheme:
A wireless local area network management system for preventing illegal user access comprises: wireless control device C, wireless access device M and user terminal device $U_i$ running wireless local area network management system software;
When the user terminal device $U_i$ detects the network signal of the wireless local area network provided by the wireless access device M and sends a request to the wireless access device M to access the wireless local area network, the wireless local area network management system of the wireless control device C uses a user authentication method based on zero-knowledge proof to authenticate the identity of the user terminal device $U_i$. The authentication method of the wireless local area network management system comprises the following steps:
Step one: the user terminal device $U_i$ performs user registration with the wireless local area network management system of the wireless control device C, specifically:
(a) the wireless local area network management system selects a curve $O_p(a, b)$ over the binary field, randomly selects a point $E$ on the curve $O_p(a, b)$ as a base point, and returns the base point $E$ to the user terminal device $U_i$;
(b) the user terminal device $U_i$ selects a private key $w$ in the binary field, calculates the public key $W = wE$, and transmits the public key $W$ to the wireless local area network management system;
Step two: the wireless local area network management system of the wireless control device C authenticates the identity of the user terminal device $U_i$, and the specific authentication process is as follows:
(a) the user terminal device $U_i$ randomly selects a random number $y$ in the binary field, calculates $E_1 = yE$ such that $E_1$ lies on the curve $O_p(a, b)$, and transmits $E_1$ to the wireless local area network management system;
(b) the wireless local area network management system randomly generates a random number $c$ in the binary field and returns it to the user terminal device $U_i$;
(c) the user terminal device $U_i$ calculates $S = y + cw$ and transmits $S$ to the wireless local area network management system;
(d) the wireless local area network management system verifies the user terminal device $U_i$: if $SE = E_1 + cW$ holds, the authentication has passed, i.e. the identity of the user terminal device $U_i$ is legitimate, and the user terminal device $U_i$ is allowed to access the wireless local area network through the wireless access device M.
Further, the wireless control device C is used to authenticate the identity of the user terminal device $U_i$, allowing legitimate user terminal devices $U_i$ to access the wireless local area network and rejecting access to the wireless local area network by illegal user terminal devices $U_i$.
Further, the main functions of the wireless access device M are to provide network signals and access policies of the wireless local area network.
Further, the user terminal device $U_i$ is used for acquiring network signals of the wireless local area network and for accessing the network of the wireless local area network.
(III) advantageous technical effects
Compared with the prior art, the invention has the following beneficial technical effects:
In the invention, when the user terminal device $U_i$ detects the network signal of the wireless local area network provided by the wireless access device M and sends a request to the wireless access device M to access the wireless local area network, the wireless local area network management system of the wireless control device C uses a user authentication method based on zero-knowledge proof to authenticate the identity of the user terminal device $U_i$, and the user terminal device $U_i$ is allowed to access the wireless local area network through the wireless access device M only after its identity authentication has passed;
Moreover, after the identity authentication of the user terminal device $U_i$ is completed, the wireless local area network management system of the wireless control device C knows only whether the identity of the user terminal device $U_i$ is legitimate and does not know the private key $w$ of the wireless AP device $U_i$; that is, the user terminal device $U_i$ completes identity authentication without revealing its private key $w$;
Therefore, the technical problem that the identity of a client user accessing the wireless local area network cannot be safely verified in the conventional wireless local area network management system is solved.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A wireless local area network management system for preventing illegal user access comprises: wireless control device C, wireless access device M and user terminal device $U_i$ running wireless local area network management system software;
The wireless control device C is used to authenticate the identity of the user terminal device $U_i$, allowing legitimate user terminal devices $U_i$ to access the wireless local area network and rejecting access to the wireless local area network by illegal user terminal devices $U_i$;
the main functions of the wireless access device M are to provide network signals and access policies of the wireless local area network;
the main functions of the user terminal device $U_i$ are to acquire network signals of the wireless local area network and to access the network of the wireless local area network;
when the user terminal device $U_i$ detects the network signal of the wireless local area network provided by the wireless access device M and sends a request to the wireless access device M to access the wireless local area network, the wireless local area network management system of the wireless control device C uses a user authentication method based on zero-knowledge proof to authenticate the identity of the user terminal device $U_i$;
when the identity of the user terminal device $U_i$ is authenticated as legitimate, the wireless local area network management system of the wireless control device C allows the user terminal device $U_i$ to access the wireless local area network through the wireless access device M;
when the identity of the user terminal device $U_i$ is authenticated as illegal, the wireless local area network management system of the wireless control device C does not allow the user terminal device $U_i$ to access the wireless local area network through the wireless access device M;
the user authentication method of the wireless local area network management system comprises the following steps:
Step one: the user terminal device $U_i$ performs user registration with the wireless local area network management system of the wireless control device C, specifically:
(a) the wireless local area network management system pops up, on the registration page, a dialog box for interactive communication with the user terminal device $U_i$;
(b) the wireless local area network management system selects a curve $O_p(a, b)$ over the binary field, randomly selects a point $E$ on the curve $O_p(a, b)$ as a base point, and displays the base point $E$ in the dialog box, i.e. returns the base point $E$ to the user terminal device $U_i$;
(c) the user terminal device $U_i$ selects a private key $w$ in the binary field, calculates the public key $W = wE$, and inputs the public key $W$ into the dialog box, i.e. transmits the public key $W$ to the wireless local area network management system;
the private key $w$ is the only legitimate authentication key and is held solely by the user terminal device $U_i$; that is, the wireless local area network management system does not know the private key $w$;
Step two: when the user terminal device $U_i$ detects a network signal of the wireless local area network provided by the wireless access device M and sends a request to the wireless access device M to access the wireless local area network, the wireless local area network management system of the wireless control device C starts to authenticate the identity of the user terminal device $U_i$, and the specific authentication process is as follows:
(a) the wireless local area network management system pops up, on the verification page, a dialog box for interactive communication with the user terminal device $U_i$;
(b) the user terminal device $U_i$ randomly selects a random number $y$ in the binary field, calculates $E_1 = yE$ such that $E_1$ lies on the curve $O_p(a, b)$, and inputs $E_1$ into the dialog box;
(c) the wireless local area network management system randomly generates a random number $c$ in the binary field and displays it in the dialog box, i.e. returns it to the user terminal device $U_i$;
(d) the user terminal device $U_i$ calculates $S = y + cw$ and inputs $S$ into the dialog box;
(e) the wireless local area network management system verifies the user terminal device $U_i$: if $SE = E_1 + cW$ holds, the verification has passed, i.e. the identity of the user terminal device $U_i$ is legitimate, and the wireless local area network management system allows the user terminal device $U_i$ to access the wireless local area network through the wireless access device M;
if $SE = E_1 + cW$ does not hold, the verification has not passed, i.e. the identity of the user terminal device $U_i$ is illegal, and the user terminal device $U_i$ is not allowed to access the wireless local area network through the wireless access device M;
the interactive communication dialog box has a traceless communication function, that is, no backup record is kept of any interactive communication content in the dialog box.
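The registration and authentication steps above form a Schnorr-style identification exchange; the following Python sketch is an added example, not part of the patent, that runs both sides of it. Assumptions: a constructed textbook prime-field toy curve stands in for the patent's binary-field curve, $S$ is reduced modulo the order $n$ of $E$, the challenge $c$ is non-zero, and all function names are hypothetical.

```python
import secrets

# Constructed toy parameters (assumption, not from the patent): the textbook
# curve y^2 = x^3 + 2x + 2 over F_17 with base point E = (5, 1) of prime
# order n = 19 stands in for the patent's binary-field curve O_p(a, b).
P, A, B = 17, 2, 2
E, N, INF = (5, 1), 19, None          # INF is the point at infinity

def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P == 0

def add(p1, p2):
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF                    # p2 == -p1
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    acc, k = INF, k % N               # double-and-add; scalars live mod n
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def register():                       # step one: U_i keeps w, sends W = wE
    w = 1 + secrets.randbelow(N - 1)
    return w, mul(w, E)

def commit():                         # step two: fresh y, E1 = yE
    y = 1 + secrets.randbelow(N - 1)
    return y, mul(y, E)

def challenge():                      # c != 0, otherwise S = y passes for any w
    return 1 + secrets.randbelow(N - 1)

def respond(y, c, w):                 # S = y + cw, reduced mod n
    return (y + c * w) % N

def verify(W, E1, c, S):              # accept only if SE == E1 + cW
    if W is INF or E1 is INF or not (on_curve(W) and on_curve(E1)):
        return False                  # reject malformed points before any arithmetic
    return mul(S, E) == add(E1, mul(c, W))

def run_session(w, W):
    y, E1 = commit()
    c = challenge()
    return verify(W, E1, c, respond(y, c, w))

def key_from_reused_y(c1, S1, c2, S2):
    # If one y answers two challenges, S1 - S2 = (c1 - c2) w mod n exposes w,
    # which is why commit() must draw a new y for every session.
    return (S1 - S2) * pow((c1 - c2) % N, -1, N) % N

if __name__ == "__main__":
    w, W = register()
    print("honest prover accepted:", run_session(w, W))
    print("wrong key accepted:", verify(W, mul(3, E), 4, respond(3, 4, (w % 18) + 1)))
```

A 19-element group is only large enough to trace the arithmetic by hand; a deployment would use a standardized curve whose order makes guessing $c$ or $w$ infeasible.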
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (4)
1. A wireless local area network management system for preventing illegal user access, characterized by comprising: wireless control device C, wireless access device M and user terminal device $U_i$ running wireless local area network management system software;
When the user terminal device $U_i$ detects a network signal of the wireless local area network provided by the wireless access device M and sends a request to the wireless access device M to access the wireless local area network, the wireless local area network management system of the wireless control device C uses a user authentication method based on zero-knowledge proof to authenticate the identity of the user terminal device $U_i$, and the authentication method comprises the following steps:
Step one: the user terminal device $U_i$ performs user registration with the wireless local area network management system of the wireless control device C, specifically:
(a) the wireless local area network management system selects a curve $O_p(a, b)$ over the binary field, randomly selects a point $E$ on the curve $O_p(a, b)$ as a base point, and returns the base point $E$ to the user terminal device $U_i$;
(b) the user terminal device $U_i$ selects a private key $w$ in the binary field, calculates the public key $W = wE$, and transmits the public key $W$ to the wireless local area network management system;
Step two: the wireless local area network management system of the wireless control device C authenticates the identity of the user terminal device $U_i$, and the specific authentication process is as follows:
(a) the user terminal device $U_i$ randomly selects a random number $y$ in the binary field, calculates $E_1 = yE$ such that $E_1$ lies on the curve $O_p(a, b)$, and transmits $E_1$ to the wireless local area network management system;
(b) the wireless local area network management system randomly generates a random number $c$ in the binary field and returns it to the user terminal device $U_i$;
(c) the user terminal device $U_i$ calculates $S = y + cw$ and transmits $S$ to the wireless local area network management system;
(d) the wireless local area network management system verifies the user terminal device $U_i$: if $SE = E_1 + cW$ holds, the authentication has passed, proving that the identity of the user terminal device $U_i$ is legitimate, and the user terminal device $U_i$ is allowed to access the wireless local area network through the wireless access device M.
2. The wireless local area network management system according to claim 1, wherein the wireless control device C is used to authenticate the identity of the user terminal device $U_i$, allowing legitimate user terminal devices $U_i$ to access the wireless local area network and rejecting access to the wireless local area network by illegal user terminal devices $U_i$.
3. The wireless local area network management system according to claim 2, wherein the main functions of the wireless access device M are to provide network signals and access policies of the wireless local area network.
4. The wireless local area network management system according to claim 3, wherein the user terminal device $U_i$ is used for acquiring network signals of the wireless local area network and for accessing the network of the wireless local area network.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010030530.6A CN111031537A (en) | 2020-01-13 | 2020-01-13 | Wireless local area network management system for preventing illegal user access |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010030530.6A CN111031537A (en) | 2020-01-13 | 2020-01-13 | Wireless local area network management system for preventing illegal user access |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111031537A (en) | 2020-04-17 |
Family
ID=70198865
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010030530.6A Withdrawn CN111031537A (en) | 2020-01-13 | 2020-01-13 | Wireless local area network management system for preventing illegal user access |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111031537A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111695147A (en) * | 2020-05-13 | 2020-09-22 | 刘中恕 | Data security management system based on cloud storage technology |
CN111818015A (en) * | 2020-06-10 | 2020-10-23 | 胡全生 | Security protection system suitable for remote node access |
CN112865974A (en) * | 2021-01-20 | 2021-05-28 | 杨雯雯 | Safety protection system based on edge computing access equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111031537A (en) | Wireless local area network management system for preventing illegal user access | |
US20060037064A1 (en) | System, method and program to filter out login attempts by unauthorized entities | |
Gupta et al. | Security threats of wireless networks: A survey | |
CN108924122B (en) | Network friend or foe identification method and system | |
CN110830447A (en) | SPA single packet authorization method and device | |
CN108282779A (en) | Incorporate Information Network low time delay anonymous access authentication method | |
CN110611682A (en) | Network access system, network access method and related equipment | |
CN111212430A (en) | Wireless local area network protection system based on zero knowledge proof | |
CN101764788B (en) | Safe access method based on extended 802.1x authentication system | |
CN114025350B (en) | Dual authentication method based on password and frequency offset | |
CN111935067A (en) | Enterprise user identity authentication system based on cloud computing technology | |
WO2018036221A1 (en) | Wireless network security verification device, method thereof, and router | |
CN106888091A (en) | Trustable network cut-in method and system based on EAP | |
CN111405548B (en) | Fishing wifi detection method and device | |
US9100429B2 (en) | Apparatus for analyzing vulnerability of wireless local area network | |
Anmulwar et al. | Rogue access point detection methods: A review | |
CN111711603A (en) | Identity authentication system based on terminal equipment of Internet of things | |
CN114915427B (en) | Access control method, device, equipment and storage medium | |
CN110831000A (en) | Secure access method, device and system | |
KR102366574B1 (en) | Wireless Intrusion Prevention Methods | |
Chen et al. | Development and implementation of anti phishing wi-fi and information security protection app based on android | |
CN111064731B (en) | Identification method and identification device for access authority of browser request and terminal | |
Setiadji et al. | Lightweight method for detecting fake authentication attack on Wi-Fi | |
CN111711953A (en) | Prevent wireless network management and control system of rubbing net | |
Ojha et al. | An Overview of Protocols-Based Security Threats and Countermeasures in WLAN |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20200417 |